Study finds attack detection takes too long

Share this article:

Critical shortcomings in the current approach to cyber security and incident response are putting companies at risk, with 86 percent of respondents to a Ponemon Institute study saying that it takes too long to detect a cyber attack.

And 85 percent of the 1,083 CISOs and security technicians surveyed for the report, Threat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations, conducted by Ponemon and sponsored by incident resolution specialists AccessData, said they didn't have a way to prioritize incidents.

“That's a big problem,” Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, told SCMagazine.com. “Some incidents are really significant and some are Mickey Mouse, bouncing off of the firewall.”

Bombarded by threats from every angle, companies also find it difficult to sift through them all — 61 percent of those surveyed said they receive too many alerts from too many point solutions.

“It's a game of whack-a-mole for them,” Craig Carpenter, chief cyber security strategist at AccessData, told SCMagazine.com.

And those solutions either aren't integrated or are poorly integrated, a problem that 74 percent of the CISOs and security technicians said impairs their ability to respond to threats while 40 percent claim that their security products don't support imported threat intelligence from other sources.

“They want information that's timely and really accurate. Getting both is kind of a Nirvana state, ” said Ponemon.  “But what they're getting is slow moving and “maybe” accurate.”

To close the gaps, Carpenter said, companies need the ability to do three things: automate incident resolution; validate and prioritize threats; and validate information against threat feeds with real time information regarding what's happening outside their own networks.

Share this article:

Sign up to our newsletters

More in News

Russian hacker Seleznev ordered to remain in custody

Roman Seleznev's attorneys requested that the hacker be released on bond, but their pleas were rejected this past week.

Bug in iOS Instagram app fixed, impacts Facebook accounts

The vulnerability comes into play when Instagram users search for Facebook friends to "follow."

AP denied security docs on HealthCare.gov, a risk to private information

AP denied security docs on HealthCare.gov, a risk ...

The Associated Press was denied a request made under the Freedom of Information Act for documents that contain security information on HealthCare.gov.